[ale] SSH configuraiton

cfowler cfowler at outpostsentinel.com
Mon Feb 10 13:38:02 EST 2003 

I don;t shutdown my box.  In fact my box has not idea what shutdown
means.  All it understands is reboot();  


On Mon, 2003-02-10 at 13:29, Jerry Z. Yu wrote:
> 	yeah, if like Chris said, the only impersistence is from the fs 
> based on ram, he should be able to do customize an init script to save the 
> known_hosts file off the ram-based fs upon shutdown, and copy it back to 
> where it was upon boot.
> 
>  On Mon, 10 Feb 2003, James P. Kinney III wrote:
> 
> #Is it possible to populate that ram disk with a valid known_hosts file?
> #That would really be a better way to work this than to turn off
> #authentication.
> #
> #
> #On Mon, 2003-02-10 at 12:26, cfowler wrote:
> #> But my impersistence is du to the fact that ~/.ssh/known_hosts sits in
> #> ram and not on disk.
> #> 
> #> 
> #> On Mon, 2003-02-10 at 12:19, James P. Kinney III wrote:
> #> > The persistence is due to the remote host IP address changing. Classic
> #> > case: remote host using dynamic DNS listing gets new IP address from
> #> > ISP. Next ssh connection grips about authenticity as the host key is
> #> > good but it is keyed to the IP address.
> #> > 
> #> > On Mon, 2003-02-10 at 11:24, Jerry Z. Yu wrote:
> #> > > 	if you really really don't care about host authenticity, you can 
> #> > > set 'StrictHostKeyChecking' to 'no', so ssh can automatically add new 
> #> > > host keys to the user known hosts files.
> #> > > 	 $HOME/.ssh/known_hosts should be persistent. Not sure why/what 
> #> > > you are referring to on its impersistence?
> #> > > 
> #> > > 
> #> > > On Mon, 10 Feb 2003, Jason Day wrote:
> #> > > 
> #> > > #On Mon, Feb 10, 2003 at 10:53:48AM -0500, cfowler wrote:
> #> > > #> I want to configure ssh_config so that the users do not get the
> #> > > #> following message.  I do not care about authenticity of hosts.  I
> #jst
> #> > > #> want encryption.  The ~/.ssh/known_hosts file is not persistent
> #across
> #> > > #> reboots so this message could become a little bit of a pain
> #> > > #
> #> > > #I don't think it can be done without a code change, since that would
> #> > > #defeat most of the point.  You might be able to work around it,
> #though.
> #> > > #You say that ~/.ssh/known_hosts is not persistent, but could you make
> #a
> #> > > #persistent known_hosts file?  If so, you could set the
> #> > > #StrictHostKeyChecking options to "yes" and the UserKnownHostsFile
> #option
> #> > > #to a persistent known_hosts file, which you would have to maintain.
> #If
> #> > > #the server keys ever change, though, you will have to update the
> #> > > #known_hosts file, or your users won't be able to connect.
> #> > > #
> #> > > #Jason
> #> > > #-- 
> #> > > #Jason Day                                       jasonday at
> #> > > #http://jasonday.home.att.net                    worldnet dot att dot
> #net
> #> > > # 
> #> > > #"Of course I'm paranoid, everyone is trying to kill me."
> #> > > #    -- Weyoun-6, Star Trek: Deep Space 9
> #> > > #_______________________________________________
> #> > > #Ale mailing list
> #> > > #Ale at ale.org
> #> > > #http://www.ale.org/mailman/listinfo/ale
> #> > > #
> #> > > 
> #> > > Jerry Z. Yu				+1-404-487-8544 (O)
> #> > > systems engineer			z.yu at voicecom.com
> #> > > is support, voicecom, llc		www.voicecom.com
> #> > > 
> #> > > _______________________________________________
> #> > > Ale mailing list
> #> > > Ale at ale.org
> #> > > http://www.ale.org/mailman/listinfo/ale
> #> > -- 
> #> > James P. Kinney III          \Changing the mobile computing world/
> #> > CEO & Director of Engineering \          one Linux user         /
> #> > Local Net Solutions,LLC        \           at a time.          /
> #> > 770-493-8244                    \.___________________________./
> #> > http://www.localnetsolutions.com
> #> > 
> #> > GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> #<jkinney at localnetsolutions.com>
> #> > Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 
> #> 
> #> 
> #> _______________________________________________
> #> Ale mailing list
> #> Ale at ale.org
> #> http://www.ale.org/mailman/listinfo/ale
> #-- 
> #James P. Kinney III          \Changing the mobile computing world/
> #CEO & Director of Engineering \          one Linux user         /
> #Local Net Solutions,LLC        \           at a time.          /
> #770-493-8244                    \.___________________________./
> #http://www.localnetsolutions.com
> #
> #GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> #<jkinney at localnetsolutions.com>
> #Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 
> #
> 
> Jerry Z. Yu				+1-404-487-8544 (O)
> systems engineer			z.yu at voicecom.com
> is support, voicecom, llc		www.voicecom.com
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list